package com.atech.ebayadmin.common.filter;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.springframework.web.filter.OncePerRequestFilter;

import com.atech.ebayadmin.system.vo.UserVO;


public class AuthFilter extends OncePerRequestFilter{
	private static Logger log = LogManager.getLogger(AuthFilter.class);
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response,
            FilterChain filterChain) throws ServletException, IOException {
    	HttpSession session = request.getSession();
    	if (null == session) {
    		log.info("用户未登陆：" + request.getServletPath());
    		request.setAttribute("isUrlAccess", "isUrlAcess");
            request.getRequestDispatcher("/admin/authRedict.jsp").forward(request, response);
    	} else {
    		UserVO userVO = (UserVO)request.getSession().getAttribute("User");
    		if (null == userVO) {
    			log.info("user is null in session");
    	    	String url = request.getServletPath();
    	    	log.info("用户请求的页面：" + url);
    	    	if (url.indexOf("login") > 0 || url.indexOf("loginOut") > 0 || url.indexOf("userLogin") > 0) {
    	    		filterChain.doFilter(request, response);
    	    		return;
    	    	} else {
    	    		log.info("用户未登陆访问页面");
    	    		if (url.indexOf("default.jsp") < 0) {
    	    			log.info("timeout");
    	    			request.setAttribute("timeout", "Y");
    	    		}
                    request.getRequestDispatcher("/admin/authRedict.jsp").forward(request, response);
    	    	}
    		} else {
    			filterChain.doFilter(request, response);
        		return;	
    		}
    	}
    	System.out.println("in the filter");	
    }
}
